Penetration Testing

An asset is any item of economic value owned by an individual or corporation. Assets can be real, such as routers, servers, hard drives, and laptops, or assets can be virtual, such as formulas, databases, spreadsheets, trade secrets, and processing time.

A threat is any agent, condition, or circumstance that could potentially cause harm, loss, damage, or compromise to an IT asset or data asset. From a security professional's perspective, threats can be categorized as events that can affect the confidentiality, integrity, or availability of the organization's assets. These threats can result in destruction, disclosure, modification, corruption of data, or denial of service.

A vulnerability is a weakness in the system design, implementation, software or code, or other mechanism. A specific vulnerability might manifest as anything from a weakness in system design to the implementation of an operational procedure.

Security testing is the primary job of ethical hackers. These tests might be configured in such way that the ethical hackers have full knowledge, partial knowledge, or no knowledge of the target of evaluation (TOE).

No knowledge testing is also known as blackbox testing. Simply stated, the security team has no knowledge of the target network or its systems. Blackbox testing simulates an outsider attack, as outsiders usually don't know anything about the network or systems they are probing.

Whitebox testing takes the opposite approach of blackbox testing. This form of security test takes the premise that the security tester has full knowledge of the network, systems, and infrastructure.

In the world of software testing, graybox testing is described as a partial knowledge test. EC-Council literature describes graybox testing as a form of internal test. Therefore, the goal is to determine what insiders can access.

Pen testing follows a fixed methodology. To beat a hacker, you have to think like one, so it's important to understand the methodology.

Reconnaissance is considered the first pre-attack phase. The hacker seeks to find out as much information as possible about the victim.

Scanning and enumeration is considered the second pre-attack phase. At this step in the methodology, the hacker is moving from passive information gathering to active information gathering.

Gaining access is when the hacker moves from simply probing the network to actually attacking it. Once the hacker has gained access, he can begin to move from system to system, spreading his damage as he progresses.

Privilege escalation can best be described as the act of leveraging a bug or vulnerability in an application or operating system to gain access to resources that normally would have been protected from an average user.

Covering tracks is when an attempt is made to make sure to remove all evidence of an attacker's activities. This might include using rootkits to cover their tracks. Other hackers might hunt down log files and attempt to alter or erase them.